IT GRC Auditor Consultant
REMOTE - COLOMBIA BASED APPLICANTS ONLY
www.elevateconsult.com
Are you passionate about serving your clients and seeing their projects through to success? Do you identify as a pragmatic problem solver? Do you thrive in dynamic and fast-paced environments? Are you looking for a unique opportunity to shape a growing US-based IT GRC and Cybersecurity practice, in a remote setting, that will require collaborative teamwork and groundbreaking projects? Do you have the entrepreneurial spirit and mindset to shape the firm and be an integral part of its success? If you answer yes, then continue reading...
Why Elevate?
Elevate is a premier consulting firm specializing in Cyber Security, IT Compliance and AI Governance & AI Risk Management. Our team consists of self-managed, high-caliber professionals with deep expertise in their respective fields. We value exceptional client service, solving and coaching our clients through complex and critical transformations and providing effective results. We have been in business for over 16 years with hundreds of happy clients in a multitude of industries, environments, and challenges where we bring value with our solutions and placements. We are looking for motivated, experienced, and client-facing IT GRC Audit Consultants who possess a broad skillset, demonstrating excellent communication and presentation skills, analytical thinking, and a desire for learning and working with clients. You should be resourceful and detail-oriented, and have the knowledge to independently put together client request lists, review client artifacts and identify controls, control gaps and potential risks. We value exceptional client service, solving and coaching our clients through complex and critical transformations and providing effective communication (both verbal & written).
Our Mission
To be proud of what we do. To serve and enjoy our clients and the people we work with. To grow our company and grow as individuals.
About the Position
We are seeking experienced and detail-oriented IT GRC Audit Consultants to work alongside our US-based Client Service Delivery Team and serve our US-based clients: IT Executives and Security Professionals. You will work closely with our clients to provide readiness advisory for their information compliance assessments, IT GRC audits and IT internal audits. In addition, we encourage and will support you if you want to put the time in to learn about our Cyber Security and AI Governance and Risk Management services. You will play a pivotal role in our organization’s efforts to enhance clients’ IT GRC resilience and compliance efforts.
What you’ll do
Support our US-based Client Service Delivery team by conducting information security assessments, IT GRC audits and IT compliance assessments and advisory projects
Engage and communicate with our US-based clients via video conference calls, emails and written reports and client deliverables. A strong command of the English language (both written and spoken) is a must
Report action items, roadblocks, and other tasks during projects to managers and clients – must possess the ability to articulate complex issues in a simple and easy-to-understand manner
Manage your time effectively and proactively communicate the tasks you are working on by updating your task list
Proactively communicate with your manager when tasks are taking longer than budgeted, ask clarifying questions, and make sure you understand the tasks assigned to you and feel confident you can complete them within the assigned budget
Assist in developing client deliverables, including information security policies, client request lists, designing audit test plans, documenting audit test results, identifying, articulating and tracking findings and preparing final audit reports
Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions
Conduct specialized IT GRC framework audits and assessments (e.g. ISO 27001, SOX, SOC, HIPAA, NIST, etc.)
Identify and communicate findings and recommendations, and apply critical thinking to provide creative and pragmatic solutions that drive project progress effectively
Conduct comprehensive IT audits and GRC assessments by evaluating information security policies, procedures, and controls
Utilize industry and security knowledge to help clients identify vulnerabilities, weaknesses, gaps in controls and potential threats, and translate them into language that is understandable to the client and actionable for remediation
Participate in project planning by collaborating with clients and our teams to refine IT solutions and implement governance and compliance frameworks
Demonstrate professional client management skills by building and maintaining relationships with US-based clients
Build and nurture positive working relationships with clients and coworkers by providing high-quality deliverables and communications
Exercise professional skepticism and judgment, and adhere to the code of ethics while on engagements
This role will report directly to the respective Client Service Delivery Manager
What you Need to Get Hired
4-6 years of experience working with IT internal audit, risk and/or IT departments and performing readiness assessments or audits of business and IT functions; experience working in an IT GRC Compliance advisory firm preferred
Experience performing IT framework audits and IT risk assessments (e.g. ISO 27001, SOX, SOC, HIPAA, NIST, etc.)
Demonstrated ability to manage multiple projects simultaneously and experience scoping, planning, and executing projects autonomously.
Strong experience with regulatory and compliance standards (e.g., NIST, ISO 27001/2/17/18/27701, SOC 1, SOC 2, SOX, HIPAA, PCI, etc.)
Awareness of or demonstrated willingness to learn about AI Governance frameworks, specifically ISO 42001, is a plus
Ability to work during business hours in U.S. time zones (9-6PM)
Experience working for a U.S.-based IT consulting firm (preferred)
Education and professional credentials
Bachelor's degree (in Management Information Systems, Information Technology, Computer Science, Accounting, Business Administration).
Preferred:
“Big 4” consulting experience in various industries
Certification as CISSP, CCSK, CISA, and/or CISM preferred
Familiarity with the following technologies (and demonstrated ability to learn):
All Microsoft O365 products – including Teams & SharePoint
Use of AI search engines to expedite tasks
Project Management tools like ClickUp, Monday, Basecamp, etc.
Experience working with or demonstrated willingness to learn how to use compliance management tools (Control Map, Drata, Vanta, etc.)
Travel Requirements
This is a remote position; no travel is required.
Why You’ll Want to Join Us
We work together as a team. We work hard but we enjoy who we work with. We thrive in transparency and allow flexibility – all the culture benefits of working for Elevate that distinguish us as a boutique consulting firm compared to larger organizations.